|
|
|
@ -1357,7 +1357,105 @@ policy {
|
|
|
|
|
}
|
|
|
|
|
{% endfor %}{% endfor %}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{% if 'community_affects_route_maps' in pillar and 'site_codes' in pillar and 'community_affects_prepend_asn' in pillar %}
|
|
|
|
|
{% for route_map_prefix,community_suffixes in pillar.get('community_affects',{}).items() %}
|
|
|
|
|
{% for community_suffix in community_suffixes %}
|
|
|
|
|
{% for digit in "01239" %}
|
|
|
|
|
community-list community_affects_65XX{{ digit }}_{{ community_suffix }} {
|
|
|
|
|
{% for site_code in ['00'] + pillar['site_codes'] %}
|
|
|
|
|
rule {{ loop.index }} {
|
|
|
|
|
action 'permit'
|
|
|
|
|
regex 65{{ site_code }}0:{{ community_suffix }}
|
|
|
|
|
}
|
|
|
|
|
{% endfor %}
|
|
|
|
|
}
|
|
|
|
|
{% endfor %}
|
|
|
|
|
{% endfor %}
|
|
|
|
|
{% for af in ['IPv4','IPv6'] %}
|
|
|
|
|
{% for rm in pillar['community_affects_route_maps'] %}
|
|
|
|
|
route-map {{ route_map_prefix }}-{{ rm }}-{{ af }} {
|
|
|
|
|
{% for community_suffix in community_suffixes %}
|
|
|
|
|
rule {{ loop.index*10 }} {
|
|
|
|
|
match {
|
|
|
|
|
community {
|
|
|
|
|
community-list community_affects_65XX0_{{ community_suffix }}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
action deny
|
|
|
|
|
}
|
|
|
|
|
rule {{ loop.index*10 + 1 }} {
|
|
|
|
|
match {
|
|
|
|
|
community {
|
|
|
|
|
community-list community_affects_65XX1_{{ community_suffix }}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
set {
|
|
|
|
|
as-path-prepend "{{ pillar['community_affects_prepend_asn'] }}"
|
|
|
|
|
}
|
|
|
|
|
call {{ rm }}-{{ af }}
|
|
|
|
|
action permit
|
|
|
|
|
}
|
|
|
|
|
rule {{ loop.index*10 + 2 }} {
|
|
|
|
|
match {
|
|
|
|
|
community {
|
|
|
|
|
community-list community_affects_65XX2_{{ community_suffix }}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
set {
|
|
|
|
|
as-path-prepend "{{ pillar['community_affects_prepend_asn'] }} {{ pillar['community_affects_prepend_asn'] }}"
|
|
|
|
|
}
|
|
|
|
|
call {{ rm }}-{{ af }}
|
|
|
|
|
action permit
|
|
|
|
|
}
|
|
|
|
|
rule {{ loop.index*10 + 3 }} {
|
|
|
|
|
match {
|
|
|
|
|
community {
|
|
|
|
|
community-list community_affects_65XX3_{{ community_suffix }}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
set {
|
|
|
|
|
as-path-prepend "{{ pillar['community_affects_prepend_asn'] }} {{ pillar['community_affects_prepend_asn'] }} {{ pillar['community_affects_prepend_asn'] }}"
|
|
|
|
|
}
|
|
|
|
|
call {{ rm }}-{{ af }}
|
|
|
|
|
action permit
|
|
|
|
|
}
|
|
|
|
|
rule {{ loop.index*10 + 9 }} {
|
|
|
|
|
match {
|
|
|
|
|
community {
|
|
|
|
|
community-list community_affects_65XX9_{{ community_suffix }}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
set {
|
|
|
|
|
community "additive no-export"
|
|
|
|
|
}
|
|
|
|
|
call {{ rm }}-{{ af }}
|
|
|
|
|
action permit
|
|
|
|
|
}
|
|
|
|
|
{% endfor %}
|
|
|
|
|
rule 65535 {
|
|
|
|
|
match {
|
|
|
|
|
{% if af == "IPv4" %}
|
|
|
|
|
ip {
|
|
|
|
|
address {
|
|
|
|
|
prefix-list hphr-DFZ-IPv4
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
{% elif af == "IPv6" %}
|
|
|
|
|
ipv6 {
|
|
|
|
|
address {
|
|
|
|
|
prefix-list hphr-DFZ-IPv6
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
{% endif %}
|
|
|
|
|
}
|
|
|
|
|
call {{ rm }}-{{ af }}
|
|
|
|
|
action permit
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
{% endfor %}
|
|
|
|
|
{% endfor %}
|
|
|
|
|
{% endfor %}
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|
{% for prefix_list_name, prefix_data in salt['pillar.get']("policy:prefix-list",{}).items() %}
|
|
|
|
|
prefix-list {{ prefix_list_name }} {
|
|
|
|
|